Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          xx879rtvpW64udLPtW0rFcPr9X4A80fZdM323r6yj3c=
Subject key identifier:   41:E7:3C:77:14:1E:E5:06:67:02:F7:88:2F:46:6A:E0:A0:9A:FA:C6
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       0190448D106C2B50A192CE2FA5803D2F90E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          042A
Signing time:             Sun 23 Jun 2024 10:03:33 +0000
Manifest this update:     Sun 23 Jun 2024 10:03:33 +0000
Manifest next update:     Mon 24 Jun 2024 10:03:33 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: I3tEo0erHAe8SYQbVISmmTLFluTzJJyn7hKcTqX4nNk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:03:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8d:10:6c:2b:50:a1:92:ce:2f:a5:80:3d:2f:90:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Jun 23 10:03:33 2024 GMT
            Not After : Jun 24 10:03:33 2024 GMT
        Subject: CN=41e73c77141ee5066702f7882f466ae0a09afac6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:21:15:8e:76:21:46:7e:36:fd:6c:3f:8e:f4:
                    be:d0:a6:68:dc:68:3e:c4:7c:f3:06:a8:27:c1:d9:
                    41:31:7f:dd:af:eb:77:6c:67:49:c8:31:aa:95:31:
                    bc:9c:21:93:29:92:2e:71:90:8b:6c:86:18:7e:f3:
                    5b:e3:e2:1e:25:0e:87:ea:71:06:5d:cf:a8:fb:2b:
                    9e:ce:2c:53:cb:c8:17:1e:16:fe:36:d4:6c:9d:0a:
                    2c:3c:9f:fa:a2:73:59:43:a9:dc:7d:2c:e6:a7:73:
                    6e:d7:3e:99:59:e6:e7:7f:05:4d:cd:e2:c1:db:51:
                    25:1e:3a:74:f6:ae:41:8c:7d:03:e8:35:bd:8d:1b:
                    ab:4a:f5:60:86:ee:52:61:f3:9b:5b:7f:49:bb:1e:
                    8b:6d:6e:8d:5d:cd:c6:ba:7b:1d:79:28:47:01:58:
                    e2:b3:45:7d:69:1d:ac:21:db:2e:75:b6:9b:87:ce:
                    23:8e:ed:bb:15:42:00:f2:b9:02:bb:26:93:d4:54:
                    80:08:37:d9:9b:29:21:5b:91:6b:cd:93:8a:75:50:
                    87:ed:77:12:0b:3f:17:fc:62:24:ee:37:93:c5:d8:
                    ea:49:3b:62:11:a0:56:b5:93:33:41:d1:f9:96:a2:
                    97:99:21:4d:1d:41:31:4d:1a:e6:dd:f7:40:db:0c:
                    b1:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:E7:3C:77:14:1E:E5:06:67:02:F7:88:2F:46:6A:E0:A0:9A:FA:C6
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:00:57:4d:23:29:59:8c:f7:7f:93:13:d9:57:9d:87:74:7f:
         fc:31:09:25:60:a2:09:ce:1d:38:79:3d:c5:73:2d:97:b4:1a:
         f3:af:64:11:62:7e:90:1d:01:28:ed:58:0d:12:c8:5a:35:8c:
         a7:ab:f1:da:cb:87:51:4f:91:e5:00:0e:1c:67:14:8a:f2:51:
         40:aa:88:81:97:28:f8:69:5f:86:da:96:17:fb:fd:fb:8d:3f:
         bd:09:82:fd:7a:60:9a:46:98:e0:cd:31:01:7f:7d:c1:17:82:
         39:6f:34:0f:53:be:2f:f1:98:72:99:f0:10:ff:a9:00:05:5d:
         0b:73:9c:37:a1:57:2f:9b:67:d2:c3:a9:f8:52:03:bf:9c:a1:
         94:98:a7:be:f9:05:78:59:43:c0:fc:f6:e8:48:ce:e7:77:55:
         ec:ea:5c:f4:8f:5e:ab:8e:70:08:44:64:39:c7:2c:49:b2:4f:
         fa:d8:a3:a1:8e:00:d4:be:51:b7:6d:53:e1:17:66:93:78:7e:
         26:f1:38:53:80:c1:d8:49:b5:54:15:e4:f8:3a:c2:bb:0d:a6:
         ee:c1:c9:64:49:02:ac:09:88:6d:53:ac:fe:29:de:b6:d7:af:
         16:64:b1:1c:4f:e5:96:0d:02:99:75:1e:a0:03:46:2b:ba:d7:
         af:2d:48:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEjRBsK1Chks4vpYA9L5DhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjQwNjIzMTAwMzMzWhcNMjQwNjI0MTAwMzMzWjAzMTEwLwYDVQQD
Eyg0MWU3M2M3NzE0MWVlNTA2NjcwMmY3ODgyZjQ2NmFlMGEwOWFmYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCEVjnYhRn42/Ww/jvS+0KZo3Gg+
xHzzBqgnwdlBMX/dr+t3bGdJyDGqlTG8nCGTKZIucZCLbIYYfvNb4+IeJQ6H6nEG
Xc+o+yuezixTy8gXHhb+NtRsnQosPJ/6onNZQ6ncfSzmp3Nu1z6ZWebnfwVNzeLB
21ElHjp09q5BjH0D6DW9jRurSvVghu5SYfObW39Jux6LbW6NXc3GunsdeShHAVji
s0V9aR2sIdsudbabh84jju27FUIA8rkCuyaT1FSACDfZmykhW5FrzZOKdVCH7XcS
Cz8X/GIk7jeTxdjqSTtiEaBWtZMzQdH5lqKXmSFNHUExTRrm3fdA2wyxpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHnPHcUHuUGZwL3iC9GauCgmvrGMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiQBXTSMp
WYz3f5MT2Vedh3R//DEJJWCiCc4dOHk9xXMtl7Qa869kEWJ+kB0BKO1YDRLIWjWM
p6vx2suHUU+R5QAOHGcUivJRQKqIgZco+GlfhtqWF/v9+40/vQmC/XpgmkaY4M0x
AX99wReCOW80D1O+L/GYcpnwEP+pAAVdC3OcN6FXL5tn0sOp+FIDv5yhlJinvvkF
eFlDwPz26EjO53dV7Opc9I9eq45wCERkOccsSbJP+tijoY4A1L5Rt21T4Rdmk3h+
JvE4U4DB2Em1VBXk+DrCuw2m7sHJZEkCrAmIbVOs/inettevFmSxHE/llg0CmXUe
oANGK7rXry1I/A==
-----END CERTIFICATE-----